apps/kubevpn
1
0
Fork 0
mirror of https://github.com/kubenetworks/kubevpn.git synced 2025-09-27 03:36:09 +08:00
Code Issues Packages Projects Releases Wiki Activity

fix: detect nameserver by send dns query (#719)

Browse Source
This commit is contained in:
naison
2025-09-25 21:16:46 +08:00
committed by GitHub
parent 4fe94cfd0c
commit c62134a5eb
2 changed files with 28 additions and 25 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
pkg/handler/cleaner.go
View File

@@ -88,7 +88,7 @@ func (c *ConnectOptions) Cleanup(logCtx context.Context) {
} }
} }
if c.dnsConfig != nil { if c.dnsConfig != nil {
plog.G(logCtx).Infof("Clearing DNS settings") plog.G(logCtx).Debugf("Clearing DNS settings")
c.dnsConfig.CancelDNS() c.dnsConfig.CancelDNS()
} }
} }

51
pkg/handler/connect.go
View File

@@ -7,7 +7,6 @@ import (
"net" "net"
"slices" "slices"
"sort" "sort"
"strconv"
"strings" "strings"
"sync" "sync"
"time" "time"
@@ -317,7 +316,7 @@ func (c *ConnectOptions) portForward(ctx context.Context, portPair []string) err
podName := pod.GetName() podName := pod.GetName()
// try to detect pod is delete event, if pod is deleted, needs to redo port-forward // try to detect pod is delete event, if pod is deleted, needs to redo port-forward
go util.CheckPodStatus(childCtx, cancelFunc, podName, c.clientset.CoreV1().Pods(c.Namespace)) go util.CheckPodStatus(childCtx, cancelFunc, podName, c.clientset.CoreV1().Pods(c.Namespace))
domain := fmt.Sprintf("%s.%s", config.ConfigMapPodTrafficManager, c.Namespace) domain := config.ConfigMapPodTrafficManager
go healthCheckPortForward(childCtx, cancelFunc, readyChan, strings.Split(portPair[1], ":")[0], domain, c.LocalTunIPv4.IP) go healthCheckPortForward(childCtx, cancelFunc, readyChan, strings.Split(portPair[1], ":")[0], domain, c.LocalTunIPv4.IP)
go healthCheckTCPConn(childCtx, cancelFunc, readyChan, domain, util.GetPodIP(pod)[0]) go healthCheckTCPConn(childCtx, cancelFunc, readyChan, domain, util.GetPodIP(pod)[0])
if *first { if *first {
@@ -627,7 +626,6 @@ func (c *ConnectOptions) addRoute(ipStrList ...string) error {
} }
func (c *ConnectOptions) setupDNS(ctx context.Context, svcInformer cache.SharedIndexInformer) error { func (c *ConnectOptions) setupDNS(ctx context.Context, svcInformer cache.SharedIndexInformer) error {
const portTCP = 10801
podList, err := c.GetRunningPodList(ctx) podList, err := c.GetRunningPodList(ctx)
if err != nil { if err != nil {
plog.G(ctx).Errorf("Get running pod list failed, err: %v", err) plog.G(ctx).Errorf("Get running pod list failed, err: %v", err)
@@ -643,22 +641,14 @@ func (c *ConnectOptions) setupDNS(ctx context.Context, svcInformer cache.SharedI
marshal, _ := json.Marshal(relovConf) marshal, _ := json.Marshal(relovConf)
plog.G(ctx).Debugf("Get DNS service config: %v", string(marshal)) plog.G(ctx).Debugf("Get DNS service config: %v", string(marshal))
svc, err := c.clientset.CoreV1().Services(c.Namespace).Get(ctx, config.ConfigMapPodTrafficManager, metav1.GetOptions{}) var svc *v1.Service
svc, err = c.clientset.CoreV1().Services(c.Namespace).Get(ctx, config.ConfigMapPodTrafficManager, metav1.GetOptions{})
if err != nil { if err != nil {
return err return err
} }
err = detectNameserver(ctx, relovConf, svc.Spec.ClusterIP, pod.Status.PodIP)
var conn net.Conn
d := net.Dialer{Timeout: time.Duration(max(2, relovConf.Timeout)) * time.Second}
conn, err = d.DialContext(ctx, "tcp", net.JoinHostPort(svc.Spec.ClusterIP, strconv.Itoa(portTCP)))
if err != nil { if err != nil {
relovConf.Servers = []string{pod.Status.PodIP} return err
err = nil
plog.G(ctx).Debugf("DNS service use pod IP %s", pod.Status.PodIP)
} else {
relovConf.Servers = []string{svc.Spec.ClusterIP}
_ = conn.Close()
plog.G(ctx).Debugf("DNS service use service IP %s", svc.Spec.ClusterIP)
} }
plog.G(ctx).Infof("Adding extra domain to hosts...") plog.G(ctx).Infof("Adding extra domain to hosts...")
@@ -1268,21 +1258,13 @@ func healthCheckTCPConn(ctx context.Context, cancelFunc context.CancelFunc, read
return return
} }
var healthChecker = func() error {
msg := new(miekgdns.Msg)
msg.SetQuestion(miekgdns.Fqdn(domain), miekgdns.TypeA)
client := miekgdns.Client{Net: "udp", Timeout: time.Second * 10}
_, _, err := client.ExchangeContext(ctx, msg, net.JoinHostPort(dnsServer, "53"))
return err
}
newTicker := time.NewTicker(config.KeepAliveTime / 2) newTicker := time.NewTicker(config.KeepAliveTime / 2)
defer newTicker.Stop() defer newTicker.Stop()
for ; ctx.Err() == nil; <-newTicker.C { for ; ctx.Err() == nil; <-newTicker.C {
err := retry.OnError(wait.Backoff{Duration: time.Second * 10, Steps: 6}, func(err error) bool { err := retry.OnError(wait.Backoff{Duration: time.Second * 10, Steps: 6}, func(err error) bool {
return err != nil return err != nil
}, func() error { }, func() error {
return healthChecker() return nameserverChecker(ctx, domain, dnsServer)
}) })
if err != nil { if err != nil {
plog.G(ctx).Errorf("Failed to query DNS: %v", err) plog.G(ctx).Errorf("Failed to query DNS: %v", err)
@@ -1290,3 +1272,24 @@ func healthCheckTCPConn(ctx context.Context, cancelFunc context.CancelFunc, read
} }
} }
} }
func detectNameserver(ctx context.Context, relovConf *miekgdns.ClientConfig, serviceIP string, podIP string) error {
domain := config.ConfigMapPodTrafficManager
err := nameserverChecker(ctx, domain, serviceIP)
if err != nil {
relovConf.Servers = []string{podIP}
plog.G(ctx).Debugf("DNS service use pod IP %s", podIP)
} else {
relovConf.Servers = []string{serviceIP}
plog.G(ctx).Debugf("DNS service use service IP %s", serviceIP)
}
return nil
}
func nameserverChecker(ctx context.Context, domain string, dnsServer string) error {
msg := new(miekgdns.Msg)
msg.SetQuestion(miekgdns.Fqdn(domain), miekgdns.TypeA)
client := miekgdns.Client{Net: "udp", Timeout: time.Second * 10}
_, _, err := client.ExchangeContext(ctx, msg, net.JoinHostPort(dnsServer, "53"))
return err
}